Ubuntu Router Network Gateway

In this article you will learn how to setup your very own Ubuntu router internet gateway. The Ubuntu router / gateway will act exactly like any other router that you can purchase at the store, except your linux box will have more functionality and extra security. What you will need to build your Ubuntu router:

This article will explain how to setup a fresh install of Ubuntu 10.04 server edition, configuring a dhcp server for a local network, while a including a firewall from the nasty internet. The first thing that you are going to do is a fresh install of the Ubuntu server edition, but selecting only Open SSH server during the software installation section of the Ubuntu install. After the installation completes and your pc reboots, you are then going to want to set a root password (su).

sudo passwd root

After you have a set a root password, login into root by typing the following command:

su

After you are in super user mode (root) we are then going to want to update our Ubuntu distro. Type the following commands to update the os and other programs.

apt-get update

apt-get upgrade

After your computer updates, restart it.

reboot

Ubuntu Router – Setup Network Cards

vi /etc/network/interfaces

In the example below my eth0 represents the network interface that connects to the internet and the eth1 interface connects to switch. The switch then connects to all of your other networked devices, such as your gaming system and other networked devices. I added the following code into the /etc/network/interfaces file:

auto eth1

iface eth1 inet static

address 192.168.10.1

netmask 255.255.255.0

network 192.168.10.0

broadcast 192.168.10.255

/etc/init.d/networking restart

The next following step is not required, but I like to set a hostname for my Ubuntu router, all you have to do is install apache and you could have your own personal intranet or web server.

vi /etc/hosts

echo homeserver.gateway.2wire.net > /etc/hostname

/etc/init.d/hostname.sh start

hostname

hostname -f

Once you have completed the following above, you can use putty to access your linux machine from your windows based pc. This will allow you to copy and paste the following code, to speed up the process of creating your linux gateway. The first thing that you must do to use putty to configure your Ubuntu router, is set a static ip on your windows machine, since we don’t have a dhcp server installed yet. Set a static ip address for Microsoft Vista. If you don’t want to use putty you can just type out the rest of the code, putty just makes it easier. Once you have chosen your terminal program that you are going to use, again login under root. It is now time to install some software that we will need to setup the gateway.

Ubuntu Router – Enable Packet Forwarding

vi /etc/sysctl.conf

# Uncomment the next line to enable packet forwarding for IPv4

net.ipv4.ip_forward=1

echo 1 > /proc/sys/net/ipv4/ip_forward

Ubuntu Router – Install Webmin

Webmin is another good program to use to configure you Ubuntu gateway and other server programs that you might use. If you use webmin, you will be able to easily configure you server, using any web browser you choose.

cd /opt

mkdir webmin

cd /opt/webmin

wget http://prdownloads.sourceforge.net/webadmin/webmin-1.430.tar.gz

tar xzvf webmin-1.430.tar.gz

cd webmin-1.430/

./setup.sh

During installation you will be asked a few questions, just press enter a few times. The only thing that you want to change is the port number, user name and password and also say yes to SSL.

Configure dhcp

Network address – 192.168.10.0

Netmask – 255.255.255.0

Address ranges -192.168.10.100 – 192.168.10.200

After you have entered the above click on the create button. You should now see an icon that reads 192.168.10.0, click on this new icon and then click on the Edit Client Options button.

Subnet mask – 255.255.255.0

Default routers – 192.168.10.1

Broadcast address – 192.168.10.255

DNS servers – 192.168.10.1

After you have the above into the client options windows click the save button twice, which should return you to the main Dhcp server window. Inside the dhcp server screen, you see a button called Edit Network Interface, click this button and select eth1 then click save. Now click on the Start Sever button to start you dhcp server, if you see no errors, you are good.

Configure firewall

Once you have setup you dhcp server, click on the Networking tab, then click on the Linux Firewall link. You will now need to select “Do network address translation on external interface:” on eth0, then click on Setup Firewall. Once you are inside the firewall program, change the drop down list from Network Address Translation (NAT) to Packet filtering (filter). You will now need to add the following rules to your firewall.

Input:

Accept if input interface is lo

Accept if input interface is eth0 and state of connection is ESTABLISHED, RELATED

Accept if input interface is eth1

Click on Apply Configurations.

Ubuntu Router Resources

26 Responses to Ubuntu Router Network Gateway

Great guide. Very brief and simple. If multiple interfaces are used for NAT is it possible to limit bandwidth on each interfaces? For example if my internet connection has speed of 4 mbps, can I divide it into 2 mbps each on 2 NAT interfaces.

Great guide! I followed your steps but still can’t seem to get addresses from the internal NIC to route externally. I can assign dhcp addresses perfectly fine but the computers can access the internet. If I ping an external address, say red.com I get a non-authoritative response at the external address but still can’t get to the site

If you installed Webmin on your computer, just login. Select Linux Firewall under the Networking tab, then click Reset Firewall. I just updated the post after realizing you were having a problem. Try the new directions for setting up the firewall.

Configure firewall

Once you have setup you dhcp server, click on the Networking tab, then click on the Linux Firewall link. You will now need to select “Do network address translation on external interface:” on eth1, then click on Setup Firewall. Once you are inside the firewall program, change the drop down list from Network Address Translation (NAT) to Packet filtering (filter). You will now need to add the following rules to your firewall.

Input:

Accept if input interface is lo

Accept if input interface is eth0 and state of connection is ESTABLISHED,RELATED

I have read a lot about connecting broadband router to home server. Nearly all new installation by ISP to home comes with router with a modem built in, so you will not have modem outlet, and all the outlets are after the gateway ready to be connected to your PCs with UTP cables or wirelessly. Normally, you see only the internal network IPs but not the external dynamic IP (WAN) though you could read it by program such as IP2. A pure broadband modem is difficult to come by these days. Is there any way to bypass the integrated hardware router in the modern ISP supplied router (modem + router) and get our server’s NIC to connect to WAN? ISP supplied manual will not tell you how. I am new and would appreciate help.

You need to put the isp provided gateway (router) into DMZ mode. The way the gateway works is that it takes your isp provided ip address and translates it to a local area connection. So if you put the gateway in DMZ mode, you can assign the isp provided ip address to your server. This is really not that safe since all ports will be open to the server. Your better off assigning a local area static ip address on your server, then open the ports that you will need for your server. For instance if your are running a web server, you can just open up port 80 on the gateway to allow access to your web server.

For example if your isp provided ip address is 99.150.4.130, and you local area network is 192.168.1.0. You can set a static ip address on your server to 192.168.1.10. Then you open port 80 on the gateway firewall. You will be able to type 99.150.4.130 into your web browser to view your web server, if you happen to be at a different location. If you are at home, you could type either 99.150.4.130 or 192.168.1.10 into your browser to view your web server. Search google for “port numbers” to find out what ports you need to open up.

I have installed Ubuntu Server and have one network card which is patched straight into the raw internet with a static external IP and gateway etc etc this all worked fine and I can get out and in.

This morning I added another network card as I wanted to access the machine via the LAN. The new card is setup to use roaming mode (DHCP). Since installing this new card I can access the LAN and see it on the network, but I can no longer access the Internet, in or out! Can someone please advise? I”m thinking it’s something I have to change on the route tables from what I’ve googled but I’m lost what it is I need to change! Thank you
Shared? The internet is being patched straight into the box.

I have a gateway desktop PC which is the main one. and I just got a dell ubuntu 10.11 desktop but I have no idea how to use or connect to my current home network Do I need to directly connect the ubuntu PC to the router or switch? I can’t seem to connect to anything with tit. SOMEONE PLEASE HELP!!
can I also get wireless on the desktop? there is an option to do that on the desktop which is unusual for a desktop right? So can I connect wirelessly to my home network from my desktop.
Is there another way then just directly connecting to the router from my second desktop PC (ubuntu)? I would need a cable for that right?

I am currently making my home network and before I got a new router, it worked fine. I just added a new router onto the same network but giving it a different number. My first router is on the 2.1 network and my second one is on the 0.1 network. I am using Ubuntu 12.04 LTS server for my file server and after making changing to my old static ip on my server to fit the new network, I am unable to sudo apt-get update or dig myip.opendns.com @resolver1.opendns.com +short. I made sure that my /etc/network/interfaces was changed as well to the network. What else am I missing. The 2nd router is a Netgear Prosafe VPN Firewall 8 FVS318v3. I allowed the port forwarding to my server as well.
I just took the other router away and replaced it with my new one. Everything works except for the server pinging outwards. I can use my desktop and ping my server and its fine. But I can not ping my desktop from my server. I can ping the router. I am thinking that there is something wrong with my server but I am unable to find whats wrong.
I can SSH into it from my desktop as well threw its internal ip but I can’t threw my external when I use my phone to ssh into my server.

I have a gateway desktop PC which is the main one. and I just got a dell ubuntu 10.11 desktop but I have no idea how to use or connect to my current home network Do I need to directly connect the ubuntu PC to the router or switch? I can’t seem to connect to anything with tit. SOMEONE PLEASE HELP!!
can I also get wireless on the desktop? there is an option to do that on the desktop which is unusual for a desktop right? So can I connect wirelessly to my home network from my desktop.
Is there another way then just directly connecting to the router from my second desktop PC (ubuntu)? I would need a cable for that right?

Ok, so Just installed Ubuntu 8.10 from a CD,everything went fine, when the login window came up, I entered my info. After that nothing. I could move the mouse,but nothing else. The screen just froze. I searched on farther Google,found some really helpful ways. From my research, I think the problem is that I don’t have an IP configured to the NIC. I came to this conclusion after learning that the “freezing screen” might be the cause of the graphics,so I try to upgrade that using the comman: ispci apt-get update and ispci apt-get upgrade.
When I entered these, I get a comman that the ubuntu site could not be found.

So I tried to enter my IP info using the command:
sudo nano /etc/network/interfaces

All I could see was

auto lo
iface lo loopback

I tried to enter my info, but I somehow could not. So how do I do that.

I am newbie to Ubuntu,

if it helps, when I do the ifconfig command all I see is the loopback info.

I have a HP Officejet 6000 E609A printer
I have a cyberpower pc desktop
an Asus Laptop
and a custom built desktop pc that’s soon to be loaded with ubuntu server edition and converted into a fileserver, dns server, webserver, and anything else I think I need

I have a TP-Link TL-R600VPN Router
and a Motorola SBG6580 combination cable modem and router

I thought this would be all too simple, connect my printer, desktop, laptop, and server to the 4 different gigabit LAN ports on my tp link router, then connect my timewarnercable modem/routers’s lan port (1 of 4) to the gigabit wan port on my tp link router

I thought this would enable me to essentially have a LAN between all my devices, while at the same time having the tp link router double as a gateway to my other router, which acts as a gateway to the internet

It seems my inexperienced hands were kinda/sorta able to get the lan going, but I cant get internet on any of my devices, and I don’t think the tp link router is receiving internet, even though it’s wan port is ethernet cable connected to 1 of the lan ports on my motorola modem/router

Is there any way I can fix all of this? Am i using products in a way that cant work, or am i just making some minor mistake?
oh my god, a minor detail, but I still cant believe i made that mistake, its not an asus laptop, its an acer laptop, I doubt that will affect your answer in any way, but it just kills me that I would make such a mistake, facepalm moment
I havent just been sitting on my rear after asking this question, I’ve been continuing to look stuff up…..dare I try this again, and look for an “ip passthrough” option on my modem/router. will that make all this work?

I installed Ubuntu Server edition on a computer while i was out buying an ethernet cable… So it never configured the network durring the instalation. how can I configure the network to work now that I have internet? (can’t ping anything, cable already tested to work in different computer)

Ok, so Just installed Ubuntu 8.10 from a CD,everything went fine, when the login window came up, I entered my info. After that nothing. I could move the mouse,but nothing else. The screen just froze. I searched on farther Google,found some really helpful ways. From my research, I think the problem is that I don’t have an IP configured to the NIC. I came to this conclusion after learning that the “freezing screen” might be the cause of the graphics,so I try to upgrade that using the comman: ispci apt-get update and ispci apt-get upgrade.
When I entered these, I get a comman that the ubuntu site could not be found.

So I tried to enter my IP info using the command:
sudo nano /etc/network/interfaces

All I could see was

auto lo
iface lo loopback

I tried to enter my info, but I somehow could not. So how do I do that.

I am newbie to Ubuntu,

if it helps, when I do the ifconfig command all I see is the loopback info.